Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

0c7542bb24...8.html

windows7-x64

3

0c7542bb24...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    144s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    02/10/2024, 21:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0c7542bb248f08efe291701bd0b7e27e_JaffaCakes118.html

  • Size

    139KB

  • MD5

    0c7542bb248f08efe291701bd0b7e27e

  • SHA1

    9dda52b811bb5e52019adabfbfb3179024e2c4f1

  • SHA256

    38c7ef6232b4e3089bb883b5ea65ff3206324ed61b3cfd2a37bcbe90e6f3e6fd

  • SHA512

    4fc67e5b38c3ae2f1d52306d291dc01bdefe93a0536b415326e0c3fe686c5b60f23a3614289171f12eb1004404a6ed4795eed04ade836323c458c542928f7213

  • SSDEEP

    1536:SMNUdwDwLaBqqi75vlUZtyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09wd:SMCFEyfkMY+BES09JXAnyrZalI+YQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0c7542bb248f08efe291701bd0b7e27e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2308
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2308 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2092

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fb961dc65d7c44b291eef3a9345b050c

    SHA1

    fd5a6dae8102bd71b5cfedf2e6584e348c6bb6c2

    SHA256

    fbba55594da69f18d2cd35fd84cca813d74dcab469a55bc8c91fbfb1e629f4f7

    SHA512

    33a28ade9e722562eed625de8e3fd63dc8d4b486843014d63e08aceffa71dfc86332c23d45862738044853800aa575a300fdd968fe1dabf642044ccccc66ce45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ddfd4fb2e9081d7d47bcc8c28a74a86

    SHA1

    f2570b7bde2134dd391fa52fd1cd20aa0de3c035

    SHA256

    0bd1908bb4cbe810e45c724e44edc95bee0e3a738a1ec217af7758be78c1ac59

    SHA512

    5bf467379b9f91064d933d8d539d7fa070538c9fa4b8eab88d6663d0f590d9965d61a9bcab2ad04817270d10b0882f3f99c717a1bfa08e9123c7e16600fcba50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8bd91f2689cb8b631303ab8db5ba4269

    SHA1

    8b5f59317106ec4da06b8469256d64ecfef6b816

    SHA256

    77ce7c1e60428327502ae1686505b09bf6cb4e1133672eaf3be44b1d31540766

    SHA512

    c714ef28c971b1f79695e0ebf8527de50d7c179f898596ef7c2e2630b59444d313d381f05834d43d775ae0bafd18ad745fc936316599d874945a22d039cf6765

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    81161fe6a09d8e1a90f8851c32e56ba3

    SHA1

    32204ccbc47f21f0541bb57a987ddfdb05c24fac

    SHA256

    f02d01e30c462e8fdcb474ba3da255fe9bdc4272a8b725c3d61c0537557c74e9

    SHA512

    a8b2c3dbfe452e088cc20f7d758a20fd054d5b412d2441a317af02d8799f7312b92b0fa300e3977799306c044f05a6de99e1efaa90d4705e23b8f917aa0c7ae2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a4573ab20cb47255246153aa13a4de45

    SHA1

    afc16399a2b8ce77070bcecf8a69456c1d3f1693

    SHA256

    c4c7e07a3a6a7e51b4c0453969a66d375a50bc780536060d3a6866e6294c0237

    SHA512

    6bd0f38cc642f56e20024e0090c3fe22e7f728e40c69e6d4b388988492c085a783760be1f667c4db238832f39e81b0ad08aca74e7dc2d05d40c3a60f0973d6c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6ee1a0a8df7708a06ea09f16ba1ff55c

    SHA1

    c46f57dda65ec9b2d2932412a02791eb9181e388

    SHA256

    a819716acca1d78586bf0604d4c748645021b12e7505a4258d83e331bdb9b7ba

    SHA512

    9b1af91532e2418e02f24cf6060892fd1079fa830730c28a5a1258bb9b0a710d180f6e1f9c8ba79be05291edfb27758f2cb4be87d738f1bc9424d1cb849614e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6dec17a458ecdeb969de4a991046a5f9

    SHA1

    d107c7ef6491ef76aa9e44867a5eaf53197e48b2

    SHA256

    046f2d6ae1b3d49c26d489f0da0f9aa286c40ce0efa818662dc90f9ce45871da

    SHA512

    e198b5a337d69c359cf09c28190022b64766c8476c4431e3214fe0c92e4b12317fdd266a7886e3b9f77817cfb2ad3942f1de9c3eca54eabb29fcda7acfacd923

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c8eb05d3b21a4874111cf7d96ab47c37

    SHA1

    53e5302d94171972e4ae6f55fd8822038c858837

    SHA256

    9e8a2ef70a50c9813fc0297dbd9d2effa49f9bf949cd368ab215a2fb5d1be209

    SHA512

    363b4de47d050a8a98f1f42f7a9f04db36c9349a49726929b1d6f95c14f43410d526164dd30283a388d065d1a35ddce02e736abaf83b7ae82fbbebb9f7633501

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c8b7f26dc459b6ddcfece12d36fb8b3c

    SHA1

    46cbc7da6e0f1a73f5f5672fb8900f827df0dfbc

    SHA256

    f45ca292bfaf18a7e0f6d77a36b72ae2fdd62240a919a6700fa8481f9d215c69

    SHA512

    f2d17b8b077c3834c28bddcf46c1d0260760e9837b1140924997b9252f3b8b24620d42aaaa5d9ad9ab6dc0cdb7052d94214f972fc041be4d0fef5eaea0bb3c9b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    91fcf7dc8b69ca0c4c1060e04d56f4b5

    SHA1

    2bd5976eadebe164169d8af30632c0cb37fafdd9

    SHA256

    1a599e4bfd84b7ac3a040a8f903ff336aa865a2939e09570d9e706ed3a058742

    SHA512

    739a7b7c20840d35ef33a8424c66de6e1842851d1b4733b45eaeeca018bc5ebda3db21d48e135cbdd381267d5e047f52519a1d71f6503c73ca297fd36d33e01f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB50F.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB6E6.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit